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DETAILED ACTION 

• Applicant's amendment filed on 3/26/201 0 has been entered. Applicant has 

amended claims 1 and 23 and added claim 40. Currently claims 1-2, 6-8, 10-12, 14, 
17-19, 21-27 and 29-40 are pending in this application. 

EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Joseph F. Oriti on June 2, 2010. 

Application should be amended as follows: 

1 : (Currently Amended) A method of automating generation of a vendor-provided 
manifest that governs execution of a software object distributed by the vendor, 
the method comprising: 

creating , via a computer, a manifest configuration file (MCF) that provides 
a description of requirements to be embodied in the vendor-provided manifest, 
the description including an identity of a key file that contains a cryptographic 
key, wherein providing said identity of the key file eliminates the need to 
manually insert cryptographic key data into the vendor-provided manifest; 

parsing the MCF to create a generic representation containing substance 
specified in the MCF; and 

providing the generic representation to a manifest generation tool that 
reads the generic representation, retrieves said cryptographic key to obtain 
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cryptographic key data for insertion into the vendor-provided manifest, and 
generates the vendor-provided manifest in an extensible Rights Markup 
Language (XRML) format based on the requirements, said manifest comprising 
one or more rules imposed by the vendor to enable a security component to 
impose a permeable barrier for ensuring integrity of an address space that is 
used in a computer for executing the software object, the one or more rules 
incorporating a list of acceptable and unacceptable modules, wherein the 
acceptable modules are permitted to pass through the permeable barrier and are 
executed in the address space of the computer and the unacceptable modules 
are prevented from passing through the permeable barrier and unconditionally 
barred from being executed in the address space of the computer. 

12. (Currently Amended) A computer-readable storage medium encoded with 

computer-executable instructions to perform a method of generating a manifest 
that governs the execution of a software object distributed by a vendor, the 
method comprising: 

generating a manifest configuration file (MCF) file containing a high-level 
description of the manifest using human-readable syntax, wherein the high-level 
description comprises a vendor-specified policy configured to preclude loading of 
a rogue module into an address space of a computer in which the software object 
is to be executed; 

parsing the MCF fWe by eliminating at least a portion of the human- 
readable syntax to generate a generic representation of the material contained in 
MCF file; an4 

generating a manifest based on the generic representation, the generation 
comprising: 

including in said manifest an identification of an executable module and an 
indication that either: 

said executable module may be loaded into said address space; or 
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said executable module may not be loaded into said address 

space; 
and 

providing the generic representation to a manifest generation tool that reads the 
generic representation and generates the manifest in an extensible Rights 
Markup Language (XRML) format . 

1 7. (Currently Amended) A method of automating the generation of a manifest that 
governs the execution of a software object, the method comprising: 

creating , via a computer, a manifest configuration file (MCF) file using a 
high-level description containing human-readable syntax that simplifies the 
describing of the manifest and permits a vendor to specify what may be loaded 
into an address space of a computer in which the software object is to be 
executed, the specification referring to one or more components that are external 
to the software and external to the specification; 

parsing the MCF file to generate an internal data structure representing a 
substance of the requirements with at least a portion of the human-readable 
syntax removed; and 

using a manifest generation tool that accepts the internal data structure 
and automatically generates therefrom, the manifest, wherein the manifest 
generation tool does at least one of a) including, in said manifest, data from one 
of said one or more components; or b) computing a value based on one of said 
one or more components and including the computed value in said manifest, 
thereby eliminating the need for the vendor to manually insert the computed 
value into the manifest ; and 

providing the substance of the requirements to a manifest generation tool 
that reads the substance of the requirements and generates the substance of the 
requirements in an extensible Rights Markup Language (XRML) format . 



Application/Control Number: 10/658,149 
Art Unit: 2435 



Page 5 



23. (Currently Amended) A system comprising a processor for generating a manifest, 
the system further comprising: 

a first parser implemented on the processor, the first parser configured to 
receive a manifest configuration file (MCF) specification in a human-readable 
syntax indicative of requirements for a manifest, the first parser generating 
therefrom, a generic representation of said requirements by removing at least a 
portion of the human-readable syntax, said requirements relating to what may be 
loaded into an address space of a software object, said specification referring to 
one or more components external to said software and external to said MCF 
specification; and 

a first manifest generator that generates a manifest based on said 
representation and includes in said manifest information computed based on, 
said one or more components, the manifest configured to interoperate with a 
security component that imposes a permeable barrier for selectively allowing 
acceptable modules to be loaded into the software space of the software object 
and blocking unacceptable modules from being loaded into the software space 
thereby preventing unauthorized tampering of the one or more components : and 

providing the generic representation to a manifest generation tool that 
reads the generic representation and generates the manifest in an extensible 
Rights Markup Language (XRML) format . 



Allowable Subject Matter 

2. Claims 1-2, 6-8, 10-12, 14, 17-19, 21-27 and 29-40 are allowed. 
The following is an examiner's statement of reasons for allowance: 
Claims 1 is allowed because the prior art does not teach the combination of 

limitations as submitted and discussed in the response (see, pages 16-17, against Lao 
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reference) filed by applicant on 3/26/2010. Independent claims 12, 17 and 23 have been 
amended to recite similar limitations for which examiner relied upon Lao to place these 
independent claims also in condition of allowance. Dependent claims are allowed due to 
dependency. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to YOGESH PALIWAL whose telephone number is 
(571)270-1807. The examiner can normally be reached on M-F 9:00 - 5:00 EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 5712723859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Y. P.I 

Examiner, Art Unit 2435 

/Kimyen Vu/ 
Supervisory Patent Examiner, Art Unit 2435 



